With 250 workstations, I would strongly recommend setting up a GPO and applying that somehow to each of the workstations.
The GPO could potentially deployed via user scripts (managed by Nethserver user management) - haven’t read up on this myself, but it should be possible.
Some of the benefits of this will be:
- Centralized Windows Updates with WSUS (less chance of a workstation not getting patched)
- A standard template or templates of settings for the different groups or departments (easier troubleshooting as each workstation config will be standardized (in theory - in practice there will be instances of config drift).